publicité CID

Question

Bonjour,

J'aimerai que quelqu'un m'aide à enlever ses pubs CID qui s'affichent regulierement quand je me connecte. Ca devient vraiment genant!

Merci d'avance

Utilisateur anonyme · Answer

Salut ,

&#8594; Télécharge LOP S&D sur ton bureau.

Ton Anti-virus risque de gueuler pendant la procédure , ne t'inquiète pas. Désactive-le si necessaire.

&#8594; Ensuite double clique sur LopSD.exe   pour lancer l'installation. Accepte le contrat de license.

Un message va t'informer que le repertoire n'existe pas , répond ' oui ' à la question qui s'en suit.

&#8594; Maintenant double clique sur Lop S&D    ( raccourci Lop S&D présent sur le bureau).

Au menu principal, choisis l'option 1

--- Le programme va travailler ---

En fin d'analyse un rapport va apparaître , copie-en le contenu dans ta prochaine réponse.

( rapport sauvegardé aussi dans C:\lopR.txt )


(CTRL+A Pour tout selectionner  , CTRL+C pour copier et CTRL+V pour coller )


&#8594; /!\ Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)  /!\


Tutorial ( aide ) : http://bibou0007.com/outils-specifiques-f78/tuto-lop-sd-t956.htm 

A+

charlotteeeee · Answer

merci de ton aide 


   -----------------------[  Lop S&D 4.2.2-1  XP/Vista  ]---------------------

   [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
   [ USER : charlotte ] [ "C:\Lop SD" ] [ Selection : 1 ]
   [ 11/07/2008 | 15:09:40,78 ] [ PC : YOUR-CE899BE174 ]
   [ MAJ : 09-07-2008 | 21:02 ]
 
   -------------[ Listing des dossiers dans Application Data ]------------  

   [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
   [25/09/2006|14:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
   [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
   [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
   [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1	oshiba

   [27/06/2008|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags
   [12/04/2008|12:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [05/04/2007|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [25/09/2006|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
   [03/04/2007|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [11/07/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
   [28/01/2007|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [23/12/2007|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [03/04/2007|14:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [23/12/2007|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [03/04/2007|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [05/11/2007|17:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [25/11/2007|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

   [14/05/2008|17:58] C:\DOCUME~1\CHARLO~1\APPLIC~1\Adobe
   [31/03/2007|20:30] C:\DOCUME~1\CHARLO~1\APPLIC~1\AdobeUM
   [12/07/2007|00:32] C:\DOCUME~1\CHARLO~1\APPLIC~1\Apple Computer
   [30/01/2008|16:05] C:\DOCUME~1\CHARLO~1\APPLIC~1\Dealio
   [25/09/2006|14:53] C:\DOCUME~1\CHARLO~1\APPLIC~1\desktop.ini
   [08/04/2007|13:11] C:\DOCUME~1\CHARLO~1\APPLIC~1\DivX
   [27/06/2008|23:12] C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay
   [15/10/2007|20:19] C:\DOCUME~1\CHARLO~1\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt
   [05/04/2007|16:28] C:\DOCUME~1\CHARLO~1\APPLIC~1\Google
   [11/10/2006|01:30] C:\DOCUME~1\CHARLO~1\APPLIC~1\Identities
   [26/06/2007|22:16] C:\DOCUME~1\CHARLO~1\APPLIC~1\InterVideo
   [28/01/2007|13:56] C:\DOCUME~1\CHARLO~1\APPLIC~1\Macromedia
   [13/02/2008|13:17] C:\DOCUME~1\CHARLO~1\APPLIC~1\Microsoft
   [30/04/2008|10:49] C:\DOCUME~1\CHARLO~1\APPLIC~1\Mozilla
   [30/04/2008|10:50] C:\DOCUME~1\CHARLO~1\APPLIC~1\Search Settings
   [26/06/2007|15:42] C:\DOCUME~1\CHARLO~1\APPLIC~1\Sun
   [30/04/2008|10:49] C:\DOCUME~1\CHARLO~1\APPLIC~1\Talkback
   [02/12/2006|15:09] C:\DOCUME~1\CHARLO~1\APPLIC~1\Template
   [11/10/2006|01:30] C:\DOCUME~1\CHARLO~1\APPLIC~1	oshiba
   [17/12/2007|17:37] C:\DOCUME~1\CHARLO~1\APPLIC~1\U3
   [14/05/2008|23:11] C:\DOCUME~1\CHARLO~1\APPLIC~1\WinRAR
   [22/04/2008|21:32] C:\DOCUME~1\CHARLO~1\APPLIC~1\wklnhst.dat
   [25/11/2007|21:15] C:\DOCUME~1\CHARLO~1\APPLIC~1\Yahoo!

   [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
   [25/09/2006|14:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
   [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
   [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1	oshiba

   [11/10/2006|01:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [11/10/2006|01:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

   [11/10/2006|01:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
 
   ----------------[ Tâches planifiées dans C:\WINDOWS	asks ]---------------

   [11/07/2008 15:00][--ah-----] C:\WINDOWS	asks\A826917A9189061A.job
   [14/05/2008 11:50][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [11/07/2008 15:04][--ah-----] C:\WINDOWS	asks\SA.DAT
   [10/08/2004 14:00][-r-h-----] C:\WINDOWS	asks\desktop.ini

   A826917A9189061A.job  <-->  c:\docume~1\charlo~1\applic~1\funkhe~1\activewindowtool.exe
 
   ---------------[ Listing des dossiers dans C:\Program Files ]--------------
 
   [12/04/2008|12:33] C:\Program Files\Adobe
   [20/02/2008|11:49] C:\Program Files\Alwil Software
   [11/10/2006|01:49] C:\Program Files\Apoint2K
   [05/04/2007|14:51] C:\Program Files\Apple Software Update
   [01/12/2006|15:43] C:\Program Files\Atheros
   [11/10/2006|01:50] C:\Program Files\ATI Technologies
   [11/10/2006|01:50] C:\Program Files\Common Files
   [25/09/2006|12:59] C:\Program Files\ComPlus Applications
   [30/01/2008|16:02] C:\Program Files\Dealio
   [22/10/2007|13:08] C:\Program Files\DivX
   [05/06/2008|11:37] C:\Program Files\eMule
   [23/12/2007|21:11] C:\Program Files\Fichiers communs
   [30/01/2008|16:48] C:\Program Files\Free Easy Burner
   [27/06/2008|23:10] C:\Program Files\Funk Heck Okay
   [27/09/2006|01:49] C:\Program Files\GemMasterFrench
   [03/04/2007|20:56] C:\Program Files\Google
   [19/01/2008|01:17] C:\Program Files\InstallShield Installation Information
   [12/06/2008|11:48] C:\Program Files\Internet Explorer
   [11/10/2006|01:53] C:\Program Files\InterVideo
   [11/10/2006|01:54] C:\Program Files\Java
   [06/11/2007|14:47] C:\Program Files\JoWood
   [11/10/2006|01:54] C:\Program Files\ltmoh
   [11/10/2006|01:54] C:\Program Files\Messenger
   [06/11/2007|11:47] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [11/10/2006|01:56] C:\Program Files\Microsoft Digital Image 2006
   [11/10/2006|01:56] C:\Program Files\microsoft frontpage
   [11/10/2006|01:57] C:\Program Files\Microsoft Office
   [11/10/2006|01:59] C:\Program Files\Microsoft Works
   [11/10/2006|01:59] C:\Program Files\Microsoft.NET
   [11/10/2006|01:59] C:\Program Files\Movie Maker
   [11/07/2008|14:36] C:\Program Files\Mozilla Firefox
   [11/10/2006|01:59] C:\Program Files\MSN
   [11/10/2006|01:59] C:\Program Files\MSN Gaming Zone
   [01/04/2008|15:20] C:\Program Files\MSN Messenger
   [11/02/2007|16:20] C:\Program Files\MSXML 4.0
   [11/10/2006|01:59] C:\Program Files\NetMeeting
   [11/02/2007|17:08] C:\Program Files\Offre Wanadoo
   [11/10/2006|02:00] C:\Program Files\Online Services
   [17/06/2007|01:06] C:\Program Files\Outlook Express
   [05/04/2008|13:54] C:\Program Files\PhotoFiltre
   [15/04/2008|18:59] C:\Program Files\Picasa2
   [05/04/2007|14:54] C:\Program Files\QuickTime
   [11/10/2006|02:00] C:\Program Files\Realtek
   [28/01/2007|13:43] C:\Program Files\SAGEM
   [30/01/2008|16:03] C:\Program Files\Search Settings
   [11/10/2006|02:00] C:\Program Files\Services en ligne
   [25/03/2007|22:02] C:\Program Files\SLD Codec Pack
   [23/12/2007|18:37] C:\Program Files\Spybot - Search & Destroy
   [03/04/2007|14:39] C:\Program Files\Symantec
   [11/10/2006|02:01] C:\Program Files\TOSHIBA
   [27/09/2006|06:03] C:\Program Files\Uninstall Information
   [06/09/2007|13:51] C:\Program Files\Univ-Tchat
   [26/06/2008|16:16] C:\Program Files\Winamp
   [11/10/2006|02:01] C:\Program Files\Windows Desktop Search
   [28/06/2008|00:07] C:\Program Files\Windows Live
   [11/02/2007|16:27] C:\Program Files\Windows Media Player
   [11/10/2006|02:01] C:\Program Files\Windows NT
   [11/10/2006|02:01] C:\Program Files\Windows Plus
   [25/09/2006|13:00] C:\Program Files\WindowsUpdate
   [14/05/2008|23:11] C:\Program Files\WinRAR
   [11/10/2006|02:01] C:\Program Files\X10 Hardware
   [11/10/2006|02:01] C:\Program Files\xerox
   [25/11/2007|21:14] C:\Program Files\Yahoo!
  
   ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
   
   [12/04/2008|12:35] C:\Program Files\Fichiers communs\Adobe
   [11/10/2006|01:50] C:\Program Files\Fichiers communs\DESIGNER
   [11/10/2007|18:34] C:\Program Files\Fichiers communs\InstallShield
   [11/10/2006|01:50] C:\Program Files\Fichiers communs\InterVideo
   [11/10/2006|01:50] C:\Program Files\Fichiers communs\Java
   [06/06/2008|06:47] C:\Program Files\Fichiers communs\Microsoft Shared
   [11/10/2006|01:51] C:\Program Files\Fichiers communs\MSSoap
   [11/10/2006|01:51] C:\Program Files\Fichiers communs\ODBC
   [11/10/2006|01:51] C:\Program Files\Fichiers communs\Services
   [11/10/2006|01:51] C:\Program Files\Fichiers communs\SpeechEngines
   [19/02/2008|21:10] C:\Program Files\Fichiers communs\Symantec Shared
   [17/06/2007|01:06] C:\Program Files\Fichiers communs\System

   ---------------------------[ Process ]--------------------------

   ... 68

   IEXPLORE.EXE ~ [3808]
   IEXPLORE.EXE ~ [2408]

   ----------------------[ Recherche avec S_Lop ]---------------------

   C:\DOCUME~1\CHARLO~1\LOCALS~1\Temp\bis1.exe
 
   -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags\AXIS CASH.exe
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags\DASH LOAD.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay
   C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\activewindowtool.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\ckjkcvqt.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\eijetwhn.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\fynbigrs.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\Hold base.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\Internetownsdoglink.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\qggymmfa.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\vmeychgw.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\whnqkqqu.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\zrebdieo.exe
   C:\Program Files\Funk Heck Okay
   C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1
   C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\activewindowtool.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\ckjkcvqt.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\eijetwhn.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\fynbigrs.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\Hold base.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\Internetownsdoglink.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\qggymmfa.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\vmeychgw.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\whnqkqqu.exe
   C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\zrebdieo.exe
   C:\Program Files\funkhe~1
   C:\WINDOWS\Prefetch\AXIS CASH.EXE-0C690093.pf
   C:\WINDOWS\Prefetch\DASH LOAD.EXE-3A3402EF.pf
   C:\WINDOWS\Prefetch\ACTIVEWINDOWTOOL.EXE-3A954356.pf
   C:\WINDOWS\Prefetch\CKJKCVQT.EXE-17E9F38D.pf
   C:\WINDOWS\Prefetch\HOLD BASE.EXE-2EFADE54.pf
   C:\WINDOWS\Prefetch\QGGYMMFA.EXE-2454FCBD.pf
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@www.adserver5[2].txt
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@adin.bigpoint[1].txt
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@bigpoint[1].txt
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@fr1.darkorbit.bigpoint[2].txt
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@fr1.seafight.bigpoint[1].txt
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@banner.cotedazurpalace[1].txt
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@cotedazurpalace[1].txt
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@adopt.euroclick[1].txt
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@pacificpoker[1].txt
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@partygaming.122.2o7[1].txt
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@partypoker[2].txt
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@fr1.seafight.bigpoint[1].txt
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@32vegas[2].txt
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@banner.32vegas[2].txt
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@2xmoinscher[1].txt
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@cc.2xmoinscher[1].txt
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@www.2xmoinscher[2].txt
   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@linternaute[1].txt
   C:\WINDOWS\Tasks\A826917A9189061A.job
 
   ----------------------[ Verification du Registre ]----------------------

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
   "the load"="C:\DOCUME~1\CHARLO~1\APPLIC~1\FUNKHE~1\Hold base.exe"

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   "1 mags 16 more"="C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags\DASH LOAD.exe"

   --------------------[ Verification du fichier Hosts ]---------------------

   Fichier Hosts MODIFIE

   127.0.0.1 bin.errorprotector.com ## added by CiD
   127.0.0.1 br.errorsafe.com ## added by CiD
   127.0.0.1 br.winantivirus.com ## added by CiD
   127.0.0.1 br.winfixer.com ## added by CiD
   127.0.0.1 cdn.drivecleaner.com ## added by CiD
   127.0.0.1 cdn.errorsafe.com ## added by CiD
   127.0.0.1 cdn.winsoftware.com ## added by CiD
   127.0.0.1 de.errorsafe.com ## added by CiD
   127.0.0.1 de.winantivirus.com ## added by CiD
   127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
   127.0.0.1 download.cdn.errorsafe.com ## added by CiD
   127.0.0.1 download.cdn.winsoftware.com ## added by CiD
   127.0.0.1 download.errorsafe.com ## added by CiD
   127.0.0.1 download.systemdoctor.com ## added by CiD
   127.0.0.1 download.winantispyware.com ## added by CiD
   127.0.0.1 download.windrivecleaner.com ## added by CiD
   127.0.0.1 download.winfixer.com ## added by CiD
   127.0.0.1 drivecleaner.com ## added by CiD
   127.0.0.1 dynamique.drivecleaner.com ## added by CiD
   127.0.0.1 errorprotector.com ## added by CiD
   127.0.0.1 errorsafe.com ## added by CiD
   127.0.0.1 es.winantivirus.com ## added by CiD
   127.0.0.1 fr.winantivirus.com ## added by CiD
   127.0.0.1 fr.winfixer.com ## added by CiD
   127.0.0.1 go.drivecleaner.com ## added by CiD
   127.0.0.1 go.errorsafe.com ## added by CiD
   127.0.0.1 go.winantispyware.com ## added by CiD
   127.0.0.1 go.winantivirus.com ## added by CiD
   127.0.0.1 hk.winantivirus.com ## added by CiD
   127.0.0.1 instlog.errorsafe.com ## added by CiD
   127.0.0.1 instlog.winantivirus.com ## added by CiD
   127.0.0.1 instlog.winfixer.com ## added by CiD
   127.0.0.1 jsp.drivecleaner.com ## added by CiD
   127.0.0.1 kb.errorsafe.com ## added by CiD
   127.0.0.1 kb.winantivirus.com ## added by CiD
   127.0.0.1 nl.errorsafe.com ## added by CiD
   127.0.0.1 se.errorsafe.com ## added by CiD
   127.0.0.1 secure.drivecleaner.com ## added by CiD
   127.0.0.1 secure.errorsafe.com ## added by CiD
   127.0.0.1 secure.winantispam.com ## added by CiD
   127.0.0.1 secure.winantispy.com ## added by CiD
   127.0.0.1 secure.winantivirus.com ## added by CiD
   127.0.0.1 support.winantivirus.com ## added by CiD
   127.0.0.1 trial.updates.winsoftware.com ## added by CiD
   127.0.0.1 ulog.winantivirus.com ## added by CiD
   127.0.0.1 utils.errorsafe.com ## added by CiD
   127.0.0.1 utils.winantivirus.com ## added by CiD
   127.0.0.1 utils.winfixer.com ## added by CiD
   127.0.0.1 winantispyware.com ## added by CiD
   127.0.0.1 winantivirus.com ## added by CiD
   127.0.0.1 winfixer.com ## added by CiD
   127.0.0.1 winfixer2006.com ## added by CiD
   127.0.0.1 winsoftware.com ## added by CiD
   127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
   127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
   127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
   127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
   127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
   127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
   127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
   127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
   127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
   127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
   127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
   127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
   127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
   127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
   127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
   127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
   127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD

   -> 7744 ( 70 ## added by CiD )

   /!\ 1 Not 127.0.0.1  !!

   ----------------[ Recherche de fichiers avec Catchme ]-----------------
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-07-11 15:11:17
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------[ Recherche d'autres infections ]---------------------


   Aucune autre infection trouvée  !

   [F:4128][D:302]-> C:\DOCUME~1\CHARLO~1\LOCALS~1\Temp
   [F:1491][D:0]-> C:\DOCUME~1\CHARLO~1\Cookies
   [F:13][D:5]-> C:\DOCUME~1\CHARLO~1\LOCALS~1\TEMPOR~1\content.IE5

   --------------------[ Fin du rapport a 15:13:01,04  ]----------------------

Utilisateur anonyme · Answer

Re ,

Relance Lop S&D 

> option2 ( suppression )

Et poste le rapport obtenu.

( rapport situé dans C:\lopR.txt )


(CTRL+A Pour tout selectionner  , CTRL+C pour copier et CTRL+V pour coller )

*****************************************

&#8594; Télécharge TrendMicro™ HijackThis™

&#8594; Enregistre HJTInstall.exe sur ton bureau.

&#8594; Double-clique sur HJTInstall.exe pour lancer le programme

(!) Par défaut, il s'installera là :
C:\Program Files\Trend Micro\HijackThis

&#8594; Accepte la license en cliquant sur le bouton "I Accept"



&#8594; Ferme Hijackthis en cliquant sur la croix-rouge.



&#8594; Télécharge sur ton bureau DSS (ex Comboscan) de Deckard:

(choisis enregistrer, puis Bureau comme emplacement)

Ferme toutes les applications en cours.

&#8594; Double-clic sur DSS.exe pour lancer l'outil.

&#8594; Une fenêtre s'ouvre, invitant à fermer toutes les applications, clique sur OK.

&#8594; A la fin de l'analyse, une fenêtre s'ouvre, clique sur OK.

Le rapport main.txt va s'afficher, copie le dans ta prochaine réponse.
Si un rapport complémentaire a été créé ( extra.txt ), poste le aussi dans ta réponse.

Les rapports sont ici :
(!) C:\Deckard\System Scanner\main.txt
(!) C:\Deckard\System Scanner\extra.txt

(CTRL+A Pour tout selectionner  , CTRL+C pour copier et CTRL+V pour coller )


A++

charlotteeeee · Answer

encore merci!!! 
est ce que tu peux m'expliquer d'ou ca vient?? 





 -----------------------[  Lop S&D 4.2.2-1  XP/Vista  ]---------------------


   [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
   [ USER : charlotte ] [ "C:\Lop SD" ] [ Selection : 2 ]
   [ 11/07/2008 | 23:05:28,32 ] [ PC : YOUR-CE899BE174 ]
   [ MAJ : 09-07-2008 | 21:02 ]


   \\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags\AXIS CASH.exe
   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags\DASH LOAD.exe
   Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\activewindowtool.exe
   Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\ckjkcvqt.exe
   Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\eijetwhn.exe
   Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\fynbigrs.exe
   Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\Hold base.exe
   Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\Internetownsdoglink.exe
   Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\qggymmfa.exe
   Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\vmeychgw.exe
   Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\whnqkqqu.exe
   Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\zrebdieo.exe
   Supprime! - C:\WINDOWS\Prefetch\AXIS CASH.EXE-0C690093.pf 
   Supprime! - C:\WINDOWS\Prefetch\DASH LOAD.EXE-3A3402EF.pf 
   Supprime! - C:\WINDOWS\Prefetch\ACTIVEWINDOWTOOL.EXE-3A954356.pf 
   Supprime! - C:\WINDOWS\Prefetch\CKJKCVQT.EXE-17E9F38D.pf 
   Supprime! - C:\WINDOWS\Prefetch\HOLD BASE.EXE-2EFADE54.pf 
   Supprime! - C:\WINDOWS\Prefetch\QGGYMMFA.EXE-2454FCBD.pf 
   Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@www.adserver5[2].txt 
   Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@adin.bigpoint[1].txt 
   Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@bigpoint[1].txt 
   Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@fr1.darkorbit.bigpoint[2].txt 
   Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@fr1.seafight.bigpoint[1].txt 
   Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@banner.cotedazurpalace[1].txt 
   Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@cotedazurpalace[1].txt 
   Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@adopt.euroclick[1].txt 
   Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@partygaming.122.2o7[1].txt 
   Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@partypoker[2].txt 
   Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@32vegas[2].txt 
   Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@banner.32vegas[2].txt 
   Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@2xmoinscher[1].txt 
   Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@cc.2xmoinscher[1].txt 
   Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@www.2xmoinscher[2].txt 
   Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@linternaute[1].txt 
   Supprime! - C:\WINDOWS\Tasks\A826917A9189061A.job 
   Supprime! - C:\DOCUME~1\CHARLO~1\LOCALS~1\Temp\bis1.exe
   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags
   Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay
   Supprime! - C:\Program Files\Funk Heck Okay
   RestaurÚ! - Fichier Hosts
 
   //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\ 

   Supprime! - C:\Program Files\Dealio
   Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Dealio
   Supprime! - C:\Program Files\Search Settings
   Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Search Settings
 
   //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\

 
   -------------[ Listing des dossiers dans APPLIC~1 ]------------  

   [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
   [25/09/2006|14:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
   [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
   [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
   [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1	oshiba

   [12/04/2008|12:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [05/04/2007|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [25/09/2006|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
   [03/04/2007|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [11/07/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
   [28/01/2007|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [23/12/2007|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [03/04/2007|14:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [23/12/2007|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [03/04/2007|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [05/11/2007|17:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [25/11/2007|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

   [14/05/2008|17:58] C:\DOCUME~1\CHARLO~1\APPLIC~1\Adobe
   [31/03/2007|20:30] C:\DOCUME~1\CHARLO~1\APPLIC~1\AdobeUM
   [12/07/2007|00:32] C:\DOCUME~1\CHARLO~1\APPLIC~1\Apple Computer
   [25/09/2006|14:53] C:\DOCUME~1\CHARLO~1\APPLIC~1\desktop.ini
   [08/04/2007|13:11] C:\DOCUME~1\CHARLO~1\APPLIC~1\DivX
   [15/10/2007|20:19] C:\DOCUME~1\CHARLO~1\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt
   [05/04/2007|16:28] C:\DOCUME~1\CHARLO~1\APPLIC~1\Google
   [11/10/2006|01:30] C:\DOCUME~1\CHARLO~1\APPLIC~1\Identities
   [26/06/2007|22:16] C:\DOCUME~1\CHARLO~1\APPLIC~1\InterVideo
   [28/01/2007|13:56] C:\DOCUME~1\CHARLO~1\APPLIC~1\Macromedia
   [13/02/2008|13:17] C:\DOCUME~1\CHARLO~1\APPLIC~1\Microsoft
   [30/04/2008|10:49] C:\DOCUME~1\CHARLO~1\APPLIC~1\Mozilla
   [26/06/2007|15:42] C:\DOCUME~1\CHARLO~1\APPLIC~1\Sun
   [30/04/2008|10:49] C:\DOCUME~1\CHARLO~1\APPLIC~1\Talkback
   [02/12/2006|15:09] C:\DOCUME~1\CHARLO~1\APPLIC~1\Template
   [11/10/2006|01:30] C:\DOCUME~1\CHARLO~1\APPLIC~1	oshiba
   [17/12/2007|17:37] C:\DOCUME~1\CHARLO~1\APPLIC~1\U3
   [14/05/2008|23:11] C:\DOCUME~1\CHARLO~1\APPLIC~1\WinRAR
   [22/04/2008|21:32] C:\DOCUME~1\CHARLO~1\APPLIC~1\wklnhst.dat
   [25/11/2007|21:15] C:\DOCUME~1\CHARLO~1\APPLIC~1\Yahoo!

   [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
   [25/09/2006|14:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
   [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
   [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1	oshiba

   [11/10/2006|01:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [11/10/2006|01:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

   [11/10/2006|01:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
 
   ----------------[ Tâches planifiées dans C:\WINDOWS	asks ]---------------

   [14/05/2008 11:50][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [11/07/2008 15:04][--ah-----] C:\WINDOWS	asks\SA.DAT
   [10/08/2004 14:00][-r-h-----] C:\WINDOWS	asks\desktop.ini
 
   ---------------[ Listing des dossiers dans C:\Program Files ]--------------
 
   [12/04/2008|12:33] C:\Program Files\Adobe
   [20/02/2008|11:49] C:\Program Files\Alwil Software
   [11/10/2006|01:49] C:\Program Files\Apoint2K
   [05/04/2007|14:51] C:\Program Files\Apple Software Update
   [01/12/2006|15:43] C:\Program Files\Atheros
   [11/10/2006|01:50] C:\Program Files\ATI Technologies
   [11/10/2006|01:50] C:\Program Files\Common Files
   [25/09/2006|12:59] C:\Program Files\ComPlus Applications
   [22/10/2007|13:08] C:\Program Files\DivX
   [05/06/2008|11:37] C:\Program Files\eMule
   [23/12/2007|21:11] C:\Program Files\Fichiers communs
   [30/01/2008|16:48] C:\Program Files\Free Easy Burner
   [27/09/2006|01:49] C:\Program Files\GemMasterFrench
   [03/04/2007|20:56] C:\Program Files\Google
   [19/01/2008|01:17] C:\Program Files\InstallShield Installation Information
   [12/06/2008|11:48] C:\Program Files\Internet Explorer
   [11/10/2006|01:53] C:\Program Files\InterVideo
   [11/10/2006|01:54] C:\Program Files\Java
   [06/11/2007|14:47] C:\Program Files\JoWood
   [11/10/2006|01:54] C:\Program Files\ltmoh
   [11/10/2006|01:54] C:\Program Files\Messenger
   [06/11/2007|11:47] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [11/10/2006|01:56] C:\Program Files\Microsoft Digital Image 2006
   [11/10/2006|01:56] C:\Program Files\microsoft frontpage
   [11/10/2006|01:57] C:\Program Files\Microsoft Office
   [11/10/2006|01:59] C:\Program Files\Microsoft Works
   [11/10/2006|01:59] C:\Program Files\Microsoft.NET
   [11/10/2006|01:59] C:\Program Files\Movie Maker
   [11/07/2008|14:36] C:\Program Files\Mozilla Firefox
   [11/10/2006|01:59] C:\Program Files\MSN
   [11/10/2006|01:59] C:\Program Files\MSN Gaming Zone
   [01/04/2008|15:20] C:\Program Files\MSN Messenger
   [11/02/2007|16:20] C:\Program Files\MSXML 4.0
   [11/10/2006|01:59] C:\Program Files\NetMeeting
   [11/02/2007|17:08] C:\Program Files\Offre Wanadoo
   [11/10/2006|02:00] C:\Program Files\Online Services
   [17/06/2007|01:06] C:\Program Files\Outlook Express
   [05/04/2008|13:54] C:\Program Files\PhotoFiltre
   [15/04/2008|18:59] C:\Program Files\Picasa2
   [05/04/2007|14:54] C:\Program Files\QuickTime
   [11/10/2006|02:00] C:\Program Files\Realtek
   [28/01/2007|13:43] C:\Program Files\SAGEM
   [11/10/2006|02:00] C:\Program Files\Services en ligne
   [25/03/2007|22:02] C:\Program Files\SLD Codec Pack
   [23/12/2007|18:37] C:\Program Files\Spybot - Search & Destroy
   [03/04/2007|14:39] C:\Program Files\Symantec
   [11/10/2006|02:01] C:\Program Files\TOSHIBA
   [27/09/2006|06:03] C:\Program Files\Uninstall Information
   [06/09/2007|13:51] C:\Program Files\Univ-Tchat
   [26/06/2008|16:16] C:\Program Files\Winamp
   [11/10/2006|02:01] C:\Program Files\Windows Desktop Search
   [28/06/2008|00:07] C:\Program Files\Windows Live
   [11/02/2007|16:27] C:\Program Files\Windows Media Player
   [11/10/2006|02:01] C:\Program Files\Windows NT
   [11/10/2006|02:01] C:\Program Files\Windows Plus
   [25/09/2006|13:00] C:\Program Files\WindowsUpdate
   [14/05/2008|23:11] C:\Program Files\WinRAR
   [11/10/2006|02:01] C:\Program Files\X10 Hardware
   [11/10/2006|02:01] C:\Program Files\xerox
   [25/11/2007|21:14] C:\Program Files\Yahoo!
  
   ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
   
   [12/04/2008|12:35] C:\Program Files\Fichiers communs\Adobe
   [11/10/2006|01:50] C:\Program Files\Fichiers communs\DESIGNER
   [11/10/2007|18:34] C:\Program Files\Fichiers communs\InstallShield
   [11/10/2006|01:50] C:\Program Files\Fichiers communs\InterVideo
   [11/10/2006|01:50] C:\Program Files\Fichiers communs\Java
   [06/06/2008|06:47] C:\Program Files\Fichiers communs\Microsoft Shared
   [11/10/2006|01:51] C:\Program Files\Fichiers communs\MSSoap
   [11/10/2006|01:51] C:\Program Files\Fichiers communs\ODBC
   [11/10/2006|01:51] C:\Program Files\Fichiers communs\Services
   [11/10/2006|01:51] C:\Program Files\Fichiers communs\SpeechEngines
   [19/02/2008|21:10] C:\Program Files\Fichiers communs\Symantec Shared
   [17/06/2007|01:06] C:\Program Files\Fichiers communs\System

   ---------------------------[ Process ]--------------------------

   ... 65

   ... OK !

   ----------------------[ Recherche avec S_Lop ]---------------------

   Aucun fichier / dossier Lop trouvé ! 
 
   -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

   C:\DOCUME~1\CHARLO~1\Cookies\charlotte@pacificpoker[2].txt
 
   ----------------------[ Verification du Registre ]----------------------
 
   ..... OK !

   --------------------[ Verification du fichier Hosts ]---------------------

   Fichier Hosts PROPRE


   ----------------[ Recherche de fichiers avec Catchme ]-----------------
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-07-11 23:07:11
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------[ Recherche d'autres infections ]---------------------


   Aucune autre infection trouvée  !

   [F:4129][D:302]-> C:\DOCUME~1\CHARLO~1\LOCALS~1\Temp
   [F:1476][D:0]-> C:\DOCUME~1\CHARLO~1\Cookies
   [F:434][D:5]-> C:\DOCUME~1\CHARLO~1\LOCALS~1\TEMPOR~1\content.IE5

   --------------------[ Fin du rapport a 23:07:46,82  ]----------------------

charlotteeeee · Answer

je t 'envoie les rapports de dss :

Deckard's System Scanner v20071014.68
Run by charlotte on 2008-07-11 23:14:58
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
55: 2008-07-11 21:15:09 UTC - RP342 - Deckard's System Scanner Restore Point
54: 2008-07-11 10:23:32 UTC - RP341 - Point de vérification système
53: 2008-07-10 10:18:02 UTC - RP340 - Software Distribution Service 3.0
52: 2008-07-08 18:13:25 UTC - RP339 - Point de vérification système
51: 2008-07-07 14:37:55 UTC - RP338 - Point de vérification système


-- First Restore Point -- 
1: 2008-04-13 19:39:27 UTC - RP288 - Point de vérification système


Backed up registry hives.
Performed disk cleanup.

[color=red]Total Physical Memory: 447 MiB (512 MiB recommended)./color


-- HijackThis (run as charlotte.exe) -------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:17:45, on 11/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\TODDSrv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\charlotte\Bureau\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\charlotte.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [1 mags 16 more] C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags\DASH LOAD.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [the load] C:\DOCUME~1\CHARLO~1\APPLIC~1\FUNKHE~1\Hold base.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb125\Dealio.dll (file missing)
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb125\Dealio.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32
wprovau.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Utilisateur anonyme · Answer

Re ,

Tu as été victime de l'adware LOP.

Il s'installe le + couramment en acceptant les sponsors d'MSN+ , ou via d'autres programmes ...

J'analyse et je revient.

a+

Utilisateur anonyme · Answer

Re ,

&#9679; Désactiver le TeaTimer de Spybot S&D :
&#9679; Lance Spybot S&D:
&#9679; Dans le menu, clic sur "Mode" > Choisis le Mode avançé
&#9679; Dans la colonne de gauche clic sur la rubrique [Outils] > Résident
&#9679; Décoche la case devant Résident "TeaTimer"
&#9679; Décoche la case devant Résident "SDHelper"
Avant de se désactiver, une fenêtre du TeaTimer va apparaitre et te demander d'accepter ou de refuser les modifications dans le registre, il faut donc accepter les modifications.
&#9679; Referme Spybot


************************************************************

Va dans le panneau de configuration, Options régionales et linguistiques, onglet "Langues", bouton "Détails", l'onglet "Avancé", cocher la case "Arrêter les services de texte avancés". 



************************************************************

&#9679; Va dans " Programme et fonctionnalité " trouve & désinstalle : 

Adobe Reader 8.1.2 - Français

Lop S&D

Search Settings

&#9679; Redémarre pour finir la désinstallation.


************************************************************


/!\ Manip crée spécialement pour cet utilisateur , ne pas reproduire chez soi ... /!\


1)Télécharge  OTMoveIt2 ( de Old Timer ) 

2)Une fois téléchargé  double-clique sur OTMoveIt2.exe pour le lancer.

Assure toi que la case Unregister Dll's and Ocx's soit bien cochée

3)puis copie les lignes en gras qui se trouvent en dessous :


[kill explorer]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D0943516-5076-4020-A3B5-AEFAF26AB263}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ehTray
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Alcmtr
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Zooming
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SmoothView
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Google Desktop Search
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\QuickTime Task
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\VX1000
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Adobe Reader Speed Launcher
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\1 mags 16 more
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MsnMsgr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\swg
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\the load
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E908B145-C847-4e85-B315-07E2E70DECF8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E908B145-C847-4e85-B315-07E2E70DECF8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
C:\Documents and Settings\charlotte\Menu Démarrer\Programmes\Démarrage\Lancement rapide de Microsoft Office OneNote 2003.lnk
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{108525­a6-6222-11dc-93e5-0016e38f1022}
C:\Program Files\Java\jre1.5.0_06
C:\Program Files\Adobe\Reader 8.0
C:\Lop SD
Emptytemp
[start explorer]





et colle-les dans le cadre de gauche de OTMoveIt :   "Paste List Of Files/Folders to Move."
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre Results.
clique sur Exit pour fermer.
4) Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.


(CTRL+A Pour tout selectionner  , CTRL+C pour copier et CTRL+V pour coller )

5) Il te sera peut-être demander de redémarrer le pc pour achever la suppression -> Accepte ( si il ne fait pas automatiquement , fait-le toi même )

/!\ Note : Au démarrage ton bureau RISQUE de ne plus apparaître , dans ce cas fait --> CTRL+ALT+SUPP pour ouvrir le Gestionnaire des tâches.
Puis rends toi à l'onglet "Processus". Clique en haut à gauche sur Fichiers et choisis "Exécuter"

Tape explorer.exe et valide. Cela fera re-apparaître le Bureau.


************************************************************



Poste moi le rapport OtmoveIt , & fait ceci :

Menu démarrer &#9658; exécuter &#9658; copie/colle le contenu du cadre ci dessous :

    "%userprofile%\bureau\dss.exe" /config


Valide.
Cela va ouvrir le panneau de configuration de DSS
&#9658; Clique sur Check All puis Scan





3 rapports au total. (OtmoveIt , Main.txt , extra.txt )

A++

Utilisateur anonyme · Answer

Salut 

on a pas perdu la main a ce que je vois ....

bon taf !!!

-;)

@++

charlotteeeee · Answer

Merci pour ton aide.

Je continuerai demain soir parce que je travaille demain et je vais me coucher!
Dc a demain soir si tu es disponible!
merci encore

Mais deja la il y  a plus de publicités qui s'affichent!

Utilisateur anonyme · Answer

Re ,

Salut Chiqui' , nan j'essaye de pas perdre la main :)

charlotteeeee, 

De rien pour l'aide.

A demain.

A++

Publicité CID

10 réponses

Votre réponse

Discussions similaires

Newsletters